|
9ee660cb6d
|
Pin stunnel image to speed deployments
This will prevent redownload
|
2024-06-26 13:27:41 -07:00 |
|
|
2235a00f3b
|
Refactor blocky lists to a new nomad var space to make them easier to manage
|
2024-06-24 17:04:03 -07:00 |
|
|
1f8014e740
|
Fix smarttv block lists to get from a domain that works
Also hard codes regex lists because they were formatted for PiHole and
not Blocky.
|
2024-06-24 13:54:30 -07:00 |
|
|
bc620987b7
|
Move from Gitea to Nomad Vars for custom block and allow
DNS doesn't route to internal addresses for git.thefij.rocks because
list lookups use bootstrap DNS servers, which don't know about it.
|
2024-06-24 13:53:34 -07:00 |
|
|
7477cb7227
|
Upgrade blocky and init fast
|
2024-06-24 13:53:13 -07:00 |
|
|
90b7740343
|
Move Blocky and Exporters away from system to service jobs
This is because service jobs do not get rescheduled when allocs fail
|
2024-05-30 11:41:40 -07:00 |
|
|
3dcd4c44b3
|
Tune memory after reviewing grafana
|
2024-03-26 09:48:31 -07:00 |
|
|
8b90aa0d74
|
Add 1.1.1.1 dns back to blocky for better resiliance
|
2024-02-20 10:10:41 -08:00 |
|
|
6b5adbdf39
|
Remove 404 block list
|
2024-02-13 12:02:35 -08:00 |
|
|
77ef4b4167
|
Use quad9 encrypted dns
|
2024-02-13 12:02:14 -08:00 |
|
|
b35b8cecd5
|
Blocky: Remove mysql and redis configs from stunnel if server isn't found
|
2024-02-13 12:01:45 -08:00 |
|
|
b9dfeff6d8
|
Have blocky use router for upstream in nomad
|
2024-02-13 12:01:08 -08:00 |
|
|
cda2842f8f
|
Switch to image containing stunnel
Rather than installing on container startup, using an image with
stunnel pre-installed. This avoids issues with DNS breaking
the container on startup.
|
2024-01-03 13:50:49 -08:00 |
|
|
ca55209316
|
Fix blocky redis
|
2023-12-10 20:37:43 -08:00 |
|
|
1b49f015c5
|
Update blocky config to v0.22 schema
|
2023-11-30 14:00:27 -08:00 |
|
|
eb25138675
|
Remove defunct lists
|
2023-11-30 13:39:22 -08:00 |
|
|
69a0f760b4
|
Remove defunct lists
|
2023-11-30 13:39:01 -08:00 |
|
|
bb34b434b8
|
Add custom blocklists hosted on my gitea server
|
2023-11-30 13:23:54 -08:00 |
|
|
b29f405090
|
Bump prometheus versiosn and pin blocky
|
2023-09-18 21:58:43 -07:00 |
|
|
2bd939e651
|
Remove deprecated hcl2 enabled
|
2023-08-29 13:02:04 -07:00 |
|
|
ea8ca478c6
|
Fix blocky acl
|
2023-08-29 12:59:14 -07:00 |
|
|
f5898b0283
|
Add workload ACL management for mysql and postgres access
Allows required jobs to access shared secrets and auto generates psks
for stunnel.
Currently supporting MySQL, Postgres, and LDAP.
|
2023-08-29 12:48:48 -07:00 |
|
|
013dd8248b
|
Make base_hostname more configurable
|
2023-08-24 15:03:36 -07:00 |
|
|
d5078b24da
|
Refactor use of wesher to be behind a variable toggle
Occasionally I run into issues with Wesher. This makes it easier to
disable use of Wesher by setting TF_VAR_use_wesher to false.
|
2023-08-24 12:51:32 -07:00 |
|
|
f333031c25
|
bootstrap blocky with stunnel
|
2023-07-26 23:23:23 -07:00 |
|
|
0a7ad7a9dc
|
Enable redis for authelia
This also splits redis instances by service
|
2023-07-07 15:50:23 -07:00 |
|
|
f606e0a17e
|
Remove blocky client groups because fallback server masks them
|
2023-07-05 15:45:55 -07:00 |
|
|
2c128b25f3
|
Add additional blocking for wemo
|
2023-06-20 09:42:33 -07:00 |
|
|
f11fad30a5
|
Use stunnel for mysql
Doesn't remove wesher or normal mysql service
|
2023-05-09 13:20:36 -07:00 |
|
|
7d8bc45090
|
Move blocky custom mappings above catchall
|
2023-04-04 13:12:34 -07:00 |
|
|
c38ba8589a
|
Clean blocky config for latest version
|
2023-03-27 15:21:35 -07:00 |
|
|
c7f85bd985
|
Fix blocky redis stunnel lookup
|
2023-03-27 15:21:19 -07:00 |
|
|
f17dec7b57
|
Add nomad services to nomad zone using hosts in blocky
|
2023-03-27 15:20:50 -07:00 |
|
|
a748adbab0
|
Store blocky config in local task dir
|
2023-03-27 15:19:53 -07:00 |
|
|
98ea2a1ca0
|
A whole lot of incremental fixes for nomad variables and such
Also adds stunnel between redis and clients
|
2023-03-24 16:32:37 -07:00 |
|
|
d8307935f5
|
Refactor everything for nomad vars
|
2023-03-24 11:24:36 -07:00 |
|
|
5fb0e0841e
|
Blocky do not create read only user to reduce password exposure
|
2023-03-24 09:56:56 -07:00 |
|
|
00697ebb02
|
Blocky use wgoverlay for api
|
2023-03-24 09:56:29 -07:00 |
|
|
46dc44aca4
|
Simplify mysql for blocky
|
2023-03-24 08:55:27 -07:00 |
|
|
4430b3570e
|
Fix blocky template
|
2023-03-24 08:55:27 -07:00 |
|
|
65cb6afaf9
|
WIP: Moving vars and service discovery to Nomad
Starting with core
|
2023-03-24 08:55:23 -07:00 |
|
|
3a95fb46db
|
Add more conditional checks to Blocky so it is more resiliant
Hopefully this will allow it to deploy if mysql or vault are down
|
2023-02-27 11:54:33 -08:00 |
|
|
91c2ff6345
|
Update blocklists
|
2022-12-22 15:13:31 -08:00 |
|
|
fd731971d3
|
Try to stabilize DNS
Add all cluster nodes to each nodes resolv.conf and update blocky config
template to delay render on update to avoid unnecessary restarts
|
2022-11-27 22:46:25 -08:00 |
|
|
2db266bda7
|
Update blocky upstream dns to bootstrap better (hopefully) and forward to consul
|
2022-11-15 10:26:26 -08:00 |
|
|
bb400a3f1c
|
Add blocky metrics to grafana
|
2022-11-11 16:21:17 -08:00 |
|
|
3077e66e70
|
Limit all existing services to websecure entrypoint
This will be a bigger issue if exposing a public entrypoint.
|
2022-11-10 13:37:50 -08:00 |
|
|
1fad6b691c
|
Update some metrics
|
2022-11-07 20:50:18 -08:00 |
|
|
0996cfbf67
|
Update hooks
|
2022-11-02 12:59:32 -07:00 |
|
|
45c597b040
|
Big refactor to split core and services for better ordering
|
2022-10-27 14:28:34 -07:00 |
|